You need the open source PHP library phpseclib which handles encryption without adding any requirements to PHP. Of course, if you're selling an application that's not written in PHP, or you just don't like phpseclib, you can use a different encryption library. You aren't locked into using phpseclib but we use it and it works very well. Our documentation will include sample code that you can use within your application. The documentation will be available very soon, and we'll start selling the extension just after 3.2 is officially released.
Mike is right, the license is good for a single installation of Blesta and there are no restrictions on how many companies you have it installed for.